Remarks 

1. Summary of Office Action 

In the office action mailed August 2, 2004, the Examiner indicated that the Information 
Disclosure Statement filed on December 1, 2000 fails to comply with provisions of 37 C.F.R. §§ 
1.97-1.98 and M.P.E.P. § 609 because a publication date was not provided for the Caronni et al. 
reference entitled "Virtual Enterprise Networks: The Next Generation of Secure Enterprise 
Networking." 

With respect to the claims, the Examiner rejected claims 13 and 20 under 35 U.S.C. § 
112, second paragraph, as being indefinite for failing to particularly point out and distinctly 
claim the subject matter which Applicants regards as their invention. The Examiner rejected 
claims 1-3, 5-10, 12, 14-16, and 18-20 under 35 U.S.C. § 103(a) as being unpatentable over U.S. 
Patent No. 6,006,264 (Colby et al.) in view of Charles P. Pfleeger, "Security in Computing", 
ISBN 013374866, 1996 (Pfleeger). The Examiner rejected claim 4 under 35 U.S.C. § 103(a) as 
being unpatentable over Colby et al. and Pfleeger, as applied to claim 3. The Examiner rejected 
claims 11, 21, and 22 under 35 U.S.C. § 103(a) as being unpatentable over Colby et al. and 
Pfleeger, as applied to claims 1 and 18. The Examiner rejected claim 13 under 35 U.S.C. § 
103(a) as being unpatentable over Colby et al. and Pfleeger, as applied to claim 12. And, the 
Examiner rejected claim 17 under 35 U.S.C. § 103(a) as being unpatentable over Colby et al. and 
Pfleeger, as applied to claim 16 in view of U.S. Patent No. 5,819,091 (Arendt et al.). 
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2. Information Disclosure Statement 

As noted above, the Examiner indicated that the information disclosure statement filed on 
December 1, 2000 fails to comply with the provisions of 37 C.F.R. §§ 1.97-1.98 arid M.P.E.P. § 
609. Applicants have submitted an information disclosure statement that (i) lists the Caronni et 
al. document entitled "Virtual Enterprise Networks: The Next Generation of Secure Enterprise 
Networking," and (ii) indicates that the Caronni et al. document was printed from the World 
Wide Web at least as early as December 1, 2000, the filing date of the application. 

3. Amendments and Pending Claims 

The application as filed contained 22 claims. Applicants have amended claims 1,16, and 
18. Presently pending in this application are claims 1-22, of which claims 1, 16, and 18 are 
independent, and the remainder are dependent. 

4. Response to § 112 Rejections 

As noted above, the Examiner rejected claims 13 and 20 as being indefinite for failing to 
particularly point out and distinctly claim the subject matter which Applicants regards as their 
invention. According to M.P.E.P. § 2173.05(h), one acceptable form of an alternative 
expression, which is commonly referred to as a Markush group, recites members as being 
"selected from the group consisting of A, B, and C." Applicants submit that the words "the 
group" recited in claims 13 and 20 are part of a respective Markush group in each of these 
claims, and thus, claims 13 and 20 are in proper condition for allowance. 

5. Response to § 103 Rejections of claims 1-16 and 18-22 Over a Combination of 
Colby et al. and Pfleeger 

The Examiner next rejected independent claims 1,16, and 18, and dependent claims 2-15 
and 19-22, as being obvious over a combination of Colby et al. and Pfleeger. Applicants 
respectfully traverse this rejection, because Colby et al. and Pfleeger, whether considered alone 
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or in combination, fail to disclose or suggest the combination of elements recited in any of these 
claims, as would be required to support an obviousness rejection under M.P.E.P. § 2143. 

In particular, with respect to claim 1, the combination of Colby et al. and Pfleeger fails to 
teach the claimed functions of (i) detecting an attempted inter-node communication between 
service components within the computing environment, the attempted inter-node communication 
resulting from a service access communication received into the computing environment from an 
entity external to the computing environment via the external network, or (ii) determining that 
the attempted inter-node communication is not allowed and responsively blocking the attempted 
inter-node communication. In accordance with claim 1, the computing environment includes a 
plurality of processing nodes interconnected via a network switching system, each of the service 
components are programmed on a respective one of the processing nodes, and the computing 
environment is coupled to the external network. 

Further, in particular, with respect to claim 16, the combination of Colby et al. and 
Pfleeger fails to teach the claimed functions of (i) provisioning the public computing platform to 
allow inter-node communications comprising the allowed communications between application 
components and to disallow other inter-node communications, wherein each inter-node 
communication, whether allowed or disallowed, is a communication between processing nodes 
of the public computing platform resulting from an application access communication received 
into the public computing platform from an entity external to the public computing platform via 
the external network, or (ii) determining that an attempted communication between application 
components is not allowed and responsively blocking the attempted communication. In 
accordance with claim 16, application components of at least two applications are loaded onto at 
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least two processing nodes of the public computing platform and the public computing platform 
is coupled to the external network. 

Further still, in particular, with respect to claim 18, the combination of Colby et al. and 
Pfleeger fails to teach the claimed public computing platform that includes (i) logic that is 
executable, in response to an attempted inter-node communication between application 
components within the public computing platform, to make a determination of whether the 
attempted inter-node communication is allowed, wherein the attempted inter-node 
communication occurs as a result of an application access communication received into the 
network switching system via the external network, or (ii) logic that is executable, in response to 
a determination that the attempted inter-node communication is not allowed, to block the 
attempted inter-node communication. In accordance with this claim, the public computing 
platform includes a network switching system coupled to the external network, a plurality of 
processing nodes interconnected via the networking switching system, and a plurality of 
application components loaded onto the processing nodes. 

In rejecting claims 1, 16, and 18, the Examiner indicated that Colby et al. teaches 
communication between service components and executable logic that responds to an attempted 
inter-node communication. However, Colby et al. (as well as Colby et al. in combination with 
Pfleeger) does not teach or suggest the attempted inter-node communication between application 
(or "service") components within the computing environment, where the inter-node 
communication results from an application (or "service") access communication, as recited in 
claims 1, 16, and 18. The specification at page 11, lines 5-6, indicates that "services" are 
equivalent to "applications." 
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At best, Colby et al. teaches (i) a client making a content request, the content request 
being intercepted by a content-aware flow switch, (ii) the flow switch accepting the content 
request and thereafter establishing a logical connection between the client and a server, (iii) the 
flow switch seamlessly forwarding the content request to the server, and (iv) response traffic 
flowing from the server to the flow switch and then from the flow switch to the client. However, 
whether the client and server are on the same network or on different networks, Colby et al. does 
not teach or suggest the attempted inter-node communication between application components 
resulting from an application access communication, as recited in claims 1, 16, or 18. First, if 
the client and server are on the same network, then the content request received at the flow 
switch (and subsequently the server) would not be an application access communication received 
into the network from an entity external to network. Second, if the client and server are on 
different networks (and if the server and client have application components load onto them), 
then the server's response to the client would not be an inter-node communication between 
application components within the network. 

Further, Colby et al does not teach or suggest that a communication between a server and 
the flow switch, or a communication between a client and the flow switch, is an inter-node 
communication between application components, as recited in claims 1,16 and 18. In rejecting 
claims 1,16, and 18, the Examiner indicated that Colby et al. teaches that the content-aware flow 
switch, as well as a server or a client, is a processing node and that a plurality of application 
components are loaded onto a plurality of processing nodes. The Examiner asserted that an 
application, such as a Java applet, is content that a client can request from a server. However, 
even if the content-aware flow switch is a processing node, which Applicants do not concede, 
and even if an application is an application component, which Applicants do not concede, Colby 
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et al. does not teach that the content aware flow switch includes an application component that 
communicates with another application component on the server (or on the client). 

At best, Colby et al. teaches merely that an application, such as a Java applet, is content 
that may be requested by a client, and sent from a server to the client via the content-aware flow 
switch. Although Colby et al. indicates the content-aware flow switch reserves a fixed amount 
of buffer space for flows, Applicants do not find that Colby et al. teaches that an application, 
such as a Java applet, that is forwarded to the content-aware flow switch from a server, actually 
performs a communication with (i) the server that sent the application, or (ii) the client that is to 
receive (or has received) the application from the content-aware flow switch. Since Colby et al. 
teaches merely that an application (content) is forwarded from a server to the content-aware flow 
switch and then from the flow switch to a client, and not that there is any communication 
between the application at the content-aware flow switch and the server and/or client, Applicants 
submit that a communication between a server and the flow switch, or a communication between 
a client and the flow switch, is not an inter-node communication between application 
components, as recited in claims 1,16, and 18. 

Further still, acknowledging that Colby et al. does not teach blocking a disallowed inter- 
node communication, the Examiner turned to Pfleeger at § 9.5, pages 426-428, for teaching this 
missing claim element. With all due respect, however, Applicants submit that § 9.5, including 
pages 426-428 (like the rest of Pfleeger) does not teach or suggest the function of blocking the 
attempted inter-node communication, as recited in claims 1,16, and 18. 

§ 9.5 of Pfleeger teaches merely the use of firewalls, such as a screening router or a proxy 
gateway, to filter all traffic between a protected or "inside" network and a less trustworthy or 
"outside" network. Although Pfleeger teaches blocking communication traffic from an outside 
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network, Applicants submit that Pfleeger does not teach or suggest blocking the attempted inter- 
node communication between service components within the computing environment, where the 
attempted inter-node communication results from a service access communication received into 
the computing environment from an entity external to the computing environment via the 
external network. 

Because Colby et al. and Pfleeger, whether considered alone or in combination, fail to 
disclose or suggest (i) the attempted inter-node communication between application (or service) 
components within the computing environment, where the attempted inter-node communication 
results from an application (or service) access communication received into the computing 
environment, from an entity external to the computing environment, via the external network, or 
(ii) determining that the attempted inter-node communication is not allowed and responsively 
blocking the attempted inter-node communication, Colby et al. and Pfleeger fail to render 
obvious the invention of claims 1, 16, and 18. Further, claims 2-15 and 19-22 depend from 
either claim 1 or 18 and therefore incorporate all of the limitations of either claim 1 or 18, and 
thus Colby et al. and Pfleeger fail to render obvious the invention of claims 2-15 and 19-22 as 
well. 

6. Response to § 103 Rejections of claim 17 Over a Combination of Colby et al, 
Pfleeger, and Arendt et al. 

The Examiner next rejected claim 17 as being obvious over a combination of Colby et al., 
Pfleeger, and Arendt et al. Applicants traverse this rejection because the combination of Colby 
et al., Pfleeger, and Arendt et al. fails to disclose or suggest all of the limitations of this claim, as 
required to support an obviousness rejection. 

Claim 17 depends from claim 16 and thus incorporates all of the limitations of claim 16. 
For the reasons stated above, the combination of Colby et al. and Pfleeger fails to render obvious 
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the invention of claim 17. Further, Applicants submit that Arendt et al. fails to overcome the 
deficiency of the Colby et al./Pfleeger combination. Consequently, the combination of Colby et 
al., Pfleeger, and Arendt et al. fails to render obvious the invention of claim 16 and thus fails to 
render obvious the invention of dependent claim 17. 
7. Conclusion 

For the foregoing reasons, Applicants submit that claims 1-22 are in condition for 
allowance. Therefore, Applicants respectfully request favorable reconsideration and allowance 
of all of the claims. 



Respectfully submitted, 

MCDONNELL BOEHNEN 
HULBERT & BERGHOFF LLP 



Date: October 25, 2004 




Lawrence H. Aaronson 
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